Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/8FBDDA88024311EF8F71D755017001B1.roa
File:                     8FBDDA88024311EF8F71D755017001B1.roa (raw, json)
Hash identifier:          U5+3ihpDeTDN/QaTSJ0S4ji0OUYXEbqAt0B5DT/fsvo=
Subject key identifier:   6F:F7:77:95:35:9B:EB:C3:F0:C2:0A:59:A8:B7:F9:CC:93:16:E4:C0
Certificate issuer:       /CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
Certificate serial:       23
Authority key identifier: 4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/8FBDDA88024311EF8F71D755017001B1.roa
Signing time:             Wed 24 Apr 2024 14:04:27 +0000
ROA not before:           Wed 24 Apr 2024 14:04:23 +0000
ROA not after:            Mon 24 Apr 2034 14:04:23 +0000
asID:                     206283
IP address blocks:        41.92.248.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35 (0x23)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
        Validity
            Not Before: Apr 24 14:04:23 2024 GMT
            Not After : Apr 24 14:04:23 2034 GMT
        Subject: CN=6629116b-98f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:6a:69:4f:91:3b:2b:63:d5:ff:51:60:9d:9b:
                    7f:c6:92:d1:49:58:e7:c7:ba:fe:30:34:f7:80:ae:
                    b3:f8:a4:e1:72:45:f3:d5:dd:a0:8e:08:e9:8c:bb:
                    0b:01:e2:97:ed:9e:66:6a:44:a2:c0:28:01:28:a9:
                    10:74:17:47:a6:a1:31:a6:42:87:ae:98:76:de:bc:
                    50:de:b8:22:7f:2d:df:3f:22:1d:71:d6:8a:7e:30:
                    56:18:d5:62:bf:a8:f4:11:e7:77:29:2e:ad:95:fd:
                    37:72:75:d8:e5:2d:a1:c0:40:b0:a4:2f:ff:af:06:
                    d6:52:9e:67:7a:4c:aa:30:d4:47:e4:ce:be:98:49:
                    d6:14:53:8f:32:e8:ad:cf:4c:bd:69:c1:26:99:4a:
                    39:c7:2d:de:f0:1e:64:58:0d:3c:52:b7:e9:56:25:
                    8d:cb:f3:62:b8:43:e8:8d:83:4e:f9:7d:a5:3e:88:
                    c1:be:79:4c:f7:18:bd:bd:d7:66:21:9e:ea:f0:10:
                    d1:ce:03:00:fd:b0:81:c9:49:7c:f4:b6:5e:d7:51:
                    3f:bf:69:a7:ee:a5:53:a3:a3:4a:de:38:be:b8:05:
                    c1:bb:83:ae:28:a0:33:7c:98:24:ff:01:a2:da:b1:
                    ad:4a:3d:3d:f5:df:60:b2:d5:b6:20:93:a6:4b:ea:
                    c8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:F7:77:95:35:9B:EB:C3:F0:C2:0A:59:A8:B7:F9:CC:93:16:E4:C0
            X509v3 Authority Key Identifier:
                keyid:4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/8FBDDA88024311EF8F71D755017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.92.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:34:87:d9:73:25:88:20:aa:0e:d3:ff:bd:24:28:f0:f4:d7:
         19:c0:58:c5:2d:00:cd:01:5f:f5:34:cc:94:79:e3:a7:a4:80:
         85:61:dc:75:af:9d:07:a4:ce:38:3b:f9:1e:ab:0b:cc:e5:24:
         77:8a:9d:7b:52:04:a4:e9:17:57:bf:e2:d8:b4:85:c4:66:b0:
         00:5a:04:4e:c0:13:b3:7e:8a:b0:98:78:89:3a:4d:b0:8d:a2:
         b0:62:8d:55:f8:dc:b4:3e:f9:bf:ed:6d:d1:37:f2:d9:91:1b:
         29:1c:e2:98:d2:4c:4c:0e:13:f7:33:42:b9:1f:4f:a6:61:29:
         74:28:68:59:da:ec:12:4c:15:21:b5:a9:c2:b7:32:3c:28:24:
         32:6f:f4:41:2a:fd:8a:6f:42:98:c6:61:12:a1:fa:5b:0e:0f:
         4f:76:cb:eb:ab:40:98:ff:d1:85:e5:82:b5:1a:17:e8:6c:03:
         9c:6d:15:73:be:e4:e6:65:0b:ae:64:0f:80:a8:46:00:75:2d:
         d6:0d:8c:d0:d0:b7:2b:5d:0d:37:51:f9:14:74:51:66:2d:43:
         cb:4a:6c:72:7c:4e:5d:14:e3:63:60:f8:89:25:07:9f:f4:36:
         ca:9d:16:bf:03:fd:fe:0a:29:01:f6:d0:ae:fa:95:e9:b6:11:
         2d:f8:ce:46
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBIzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QkE2QUFGMTEwLwYDVQQFEyg0RjQ4RTdFQTMwQzk4OUIxNUQzNjM5Mzc3NjM1NTNB
MDdFMTZDRDhFMB4XDTI0MDQyNDE0MDQyM1oXDTM0MDQyNDE0MDQyM1owGDEWMBQG
A1UEAxMNNjYyOTExNmItOThmODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhqaU+ROytj1f9RYJ2bf8aS0UlY58e6/jA094Cus/ik4XJF89XdoI4I6Yy7
CwHil+2eZmpEosAoASipEHQXR6ahMaZCh66Ydt68UN64In8t3z8iHXHWin4wVhjV
Yr+o9BHndykurZX9N3J12OUtocBAsKQv/68G1lKeZ3pMqjDUR+TOvphJ1hRTjzLo
rc9MvWnBJplKOcct3vAeZFgNPFK36VYljcvzYrhD6I2DTvl9pT6Iwb55TPcYvb3X
ZiGe6vAQ0c4DAP2wgclJfPS2XtdRP79pp+6lU6OjSt44vrgFwbuDriigM3yYJP8B
otqxrUo9PfXfYLLVtiCTpkvqyH0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRv93eV
NZvrw/DCClmot/nMkxbkwDAfBgNVHSMEGDAWgBRPSOfqMMmJsV02OTd2NVOgfhbN
jjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1NDEyRTYvVDBqbjZq
REppYkZkTmprM2RqVlRvSDRXelk0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVDBqbjZqREppYkZkTmprM2RqVlRvSDRXelk0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1
NDEyRTYvOEZCRERBODgwMjQzMTFFRjhGNzFENzU1MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAClc+DANBgkqhkiG9w0BAQsF
AAOCAQEAXjSH2XMliCCqDtP/vSQo8PTXGcBYxS0AzQFf9TTMlHnjp6SAhWHcda+d
B6TOODv5HqsLzOUkd4qde1IEpOkXV7/i2LSFxGawAFoETsATs36KsJh4iTpNsI2i
sGKNVfjctD75v+1t0Tfy2ZEbKRzimNJMTA4T9zNCuR9PpmEpdChoWdrsEkwVIbWp
wrcyPCgkMm/0QSr9im9CmMZhEqH6Ww4PT3bL66tAmP/RheWCtRoX6GwDnG0Vc77k
5mULrmQPgKhGAHUt1g2M0NC3K10NN1H5FHRRZi1Dy0pscnxOXRTjY2D4iSUHn/Q2
yp0WvwP9/gopAfbQrvqV6bYRLfjORg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:05 2024 by rpki-client on console-ams.rpki-client.org